/*
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
* PKIXVALIDATIONRESULT.H
* Implementation of the class storing PKIX validation result information 
*
*/


/**
 @file 
 @publishedAll
 @released
*/
 
#ifndef __PKIXVALIDATIONRESULT_H__
#define __PKIXVALIDATIONRESULT_H__

#include <x509certchain.h>
#include <x509certext.h>

class RReadStream;
/**
 * Base class for CPKIXValidationResult.
 */
class CPKIXValidationResultBase : public CBase
	{
public:
	/** Creates a new PKIX Validation Result object.
	* 
	* @return	The new PKIX Validation Result object. */
	IMPORT_C static CPKIXValidationResultBase* NewL();
	
	/** Creates a new PKIX Validation Result object, and puts a pointer to it onto 
	* the cleanup stack.
	* 
	* @return	The new PKIX Validation Result object. */
	IMPORT_C static CPKIXValidationResultBase* NewLC();
	
   /** Creates a new PKIX Validation Result object from a stream.
	* 
	* @return	The new PKIX Validation Result object. */
	IMPORT_C static CPKIXValidationResultBase* NewL(RReadStream& aStream);
	
	/** Creates a new PKIX Validation Result object from a stream, and puts a pointer to it onto 
	* the cleanup stack.
	* 
	* @return	The new PKIX Validation Result object. */
	IMPORT_C static CPKIXValidationResultBase* NewLC(RReadStream& aStream);

	/** The destructor.
	* 
	* Frees all resources owned by the object. */
	IMPORT_C ~CPKIXValidationResultBase();
	
	/** Gets the error status of the operation.
	* 
	* Errors are considered fatal, i.e. validation has failed.
	* 
	* @return	The error status of the operation. */
	IMPORT_C const TValidationStatus Error() const;
	
	/** Gets a list of warnings generated.
	* 
	* The warnings may or may not be fatal, depending on the context, which the 
	* client is expected to provide.
	* 
	* @return	An array of any warnings generated. */
	IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const;
	
	/** Gets a list of all the certificate policies which have been accepted implicitly 
	* in the course of validation.
	* 
	* @return	An array of certificate policies. */
	IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;
	
	/** Resets the validation result object to its default values. 
	 * @internalTechnology
	 */
	void Reset();
	
	/** Sets the error status, and then leaves.
	* 
	* The function uses SetError() to set the error status.
	* 
	* @param aError	The error type that occurred when validating the certificate chain.
	* @param aCert	The index number identifying the certificate that gave rise to 
	* 				the error. 
    * @internalTechnology
	*/
	void SetErrorAndLeaveL(const TValidationError aError, const TInt aCert);
	
	/** Sets the error status.
	* 
	* @param aError	The error type that occurred when validating the certificate chain.
	* @param aCert	The index number identifying the certificate that gave rise to 
	* 				the error. 
	* @internalTechnology
	*/
	void SetError(const TValidationError aError, const TInt aCert);
	
	/** Adds a warning to the validation result.
	* 
	* @param aWarning	The warning to be added. 
	* @internalTechnology
	*/
	void AppendWarningL(TValidationStatus aWarning);
	
	/** Adds a policy to the validation result.
	* 
	* @param aPolicy	The policy to be added.
	* @internalTechnology
	*/
	void AppendPolicyL(CX509CertPolicyInfo& aPolicy);

	/** Removes all policies from the validation result.
	* 
	* It is used by the validation process to remove policies it has added when 
	* the computation cannot complete because of environmental conditions such as 
	* out of memory, file access failures, etc..
	* @internalTechnology
	*/
	// (not like signature validation...)
	void RemovePolicies();

	// Internalization/Externalization
	// Externalize. Writes the data out to a stream
	/** Externalises an object of this class to a write stream.
	* 
	* The presence of this function means that the standard templated operator<<() 
	* can be used to externalise objects of this class.
	* 
	* @param aStream	Stream to which the object should be externalised. */
	IMPORT_C void ExternalizeL(RWriteStream& aStream) const;

	// Internalize. Reads the data from a stream 
	/** Internalises an object of this class from a read stream.
	* 
	* The presence of this function means that the standard templated operator>>() 
	* can be used to internalise objects of this class.
	* 
	* Note that this function has assignment semantics: it replaces the old value 
	* of the object with a new value read from the read stream.	
	* 
	* @param aStream	Stream from which the object should be internalised. */
	IMPORT_C void InternalizeL(RReadStream& aStream);
	
	/** Returns a list of critical extensions encountered and warnings generated by
	* certificates during chain validation.
	* 
	* @return	An array of certificate warnings. */
	IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const;
	
	/** Adds a certificate warning to the validation result.
	* 
	* @param aCertWarning	The warning to be added. */
	IMPORT_C void AppendCertificateValidationObjectL(const CCertificateValidationWarnings& aCertWarning);
	
	/** Adds a critical extension OID warning.
	* 
	* @param aCriticalExt	The critical extension OID to be added. */
	IMPORT_C void AppendCriticalExtensionWarningL(TDesC& aCriticalExt);
	
protected:
	IMPORT_C CPKIXValidationResultBase();
	IMPORT_C void ConstructL();
	
private:
	TValidationStatus iError;
	CArrayFixFlat<TValidationStatus>* iWarnings;
	CArrayPtrFlat<CX509CertPolicyInfo>* iPolicies;
	RPointerArray<CCertificateValidationWarnings> iCertWarnings;
	};

/** Stores the information regarding the results of a validation of a PKIX 
* certificate chain. 
*
* @since v6.0 */
class CPKIXValidationResult : public CPKIXValidationResultBase
	{
public:
	/** Creates a new PKIX Validation Result object.
	* 
	* @return	The new PKIX Validation Result object. */
	IMPORT_C static CPKIXValidationResult* NewL();
	
	/** Creates a new PKIX Validation Result object, and puts a pointer to it onto 
	* the cleanup stack.
	* 
	* @return	The new PKIX Validation Result object. */
	IMPORT_C static CPKIXValidationResult* NewLC();
	
	/** The destructor.
	* 
	* Frees all resources owned by the object. */
	IMPORT_C ~CPKIXValidationResult();
	
	/** Gets the error status of the operation.
	* 
	* Errors are considered fatal, i.e. validation has failed.
	* 
	* @return	The error status of the operation. */
	IMPORT_C const TValidationStatus Error() const;
	
	/** Gets a list of warnings generated.
	* 
	* The warnings may or may not be fatal, depending on the context, which the 
	* client is expected to provide.
	* 
	* @return	An array of any warnings generated. */
	IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const;
	
	/** Gets a list of all the certificate policies which have been accepted implicitly 
	* in the course of validation.
	* 
	* @return	An array of certificate policies. */
	IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;
	
	/** Returns a list of critical extensions encountered and warnings generated by
	* certificates during chain validation. A CCertificateWarning object is returned for
	* each certificate in the chain, even if no critical extensions or warnings were 
	* encountered. The array's data is in the same order as the certificate chain.
	* 
	* @return	An array of certificate warnings. Ownership is not transferred 
	* to the caller. */
	IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const;

private:
	CPKIXValidationResult();
	};

#endif